Network Security (7) Flashcards
Which of the following types of attacks requires no computer equipment?
Denial of service
Social engineering
Brute force
Social engineering
Social engineering is the practice of obtaining sensitive data by contacting users and pretending to be someone with a legitimate need for that data. No computer equipment is required, and no software or hardware product can stop a user from being talked into disclosing information; the primary defense is to educate users about the danger and to establish policies that tell them what to do (for example, hang up and call IT back on a known number) when they experience a social engineering attempt. Denial of service is a type of attack that overwhelms a computer with traffic, preventing it from functioning properly. A brute-force attack is one in which an attacker uses repeated guesses to find a password, an open port, or some other type of sensitive data. Phishing is the term for a bogus email or website designed to trick users into disclosing credentials or installing malware; it is social engineering delivered by computer
Which of the following best describes a brute-force attack?
An attacker breaking down the door of a datacenter
An attacker cracking a password by trying thousands of guesses
An attacker using zombie computers to flood a server with traffic
An attacker cracking a password by trying thousands of guesses
A brute-force attack is one in which an attacker uses repeated guesses to find a password, an open port, or some other type of sensitive data; it succeeds through the number of attempts rather than the cleverness of any single guess, which is why account lockout thresholds, rate limiting, and alerting on repeated failed logins are the usual mitigations. Brute force does not refer to a physical attack. Flooding a server with traffic created by zombies (compromised computers under the attacker's control) is a distributed denial-of-service (DDoS) attack. Deploying an unauthorized access point that impersonates a legitimate one is an evil twin attack
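The detection side of the brute-force card, as an added example that is not part of the original flashcard set: a small Python routine that parses sshd "Failed password" log lines and reports any source address that produces a burst of failures inside a sliding time window. The log lines are constructed for the example (RFC 5737 documentation addresses, invented hostnames and PIDs) and the threshold and window values are assumptions, not recommendations from the page.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample of sshd auth log lines (not real data). The format follows the
# usual syslog style: "Mon DD HH:MM:SS host sshd[pid]: message".
SAMPLE_LOG = """\
Mar  3 10:00:01 web1 sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Mar  3 10:00:02 web1 sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 50123 ssh2
Mar  3 10:00:03 web1 sshd[2102]: Failed password for root from 203.0.113.7 port 50124 ssh2
Mar  3 10:00:04 web1 sshd[2103]: Failed password for root from 203.0.113.7 port 50125 ssh2
Mar  3 10:00:05 web1 sshd[2104]: Failed password for root from 203.0.113.7 port 50126 ssh2
Mar  3 10:00:06 web1 sshd[2105]: Failed password for root from 203.0.113.7 port 50127 ssh2
Mar  3 10:00:30 web1 sshd[2110]: Failed password for alice from 198.51.100.9 port 41000 ssh2
Mar  3 10:00:45 web1 sshd[2111]: Accepted password for alice from 198.51.100.9 port 41001 ssh2
Mar  3 10:05:00 web1 sshd[2120]: Failed password for root from 203.0.113.7 port 50130 ssh2
"""

# Matches failed-password lines for both existing and non-existent ("invalid user") accounts.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>[\d.]+)"
)


def parse_failures(log_text, year=2024):
    """Yield (timestamp, source_ip, username) for each failed-password line.
    Syslog timestamps carry no year, so one is supplied (assumption)."""
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["ip"], m["user"]


def detect_brute_force(log_text, threshold=5, window_seconds=60):
    """Return {source_ip: (max_failures_in_any_window, usernames_tried)} for every
    source that produced at least `threshold` failures within `window_seconds`."""
    by_ip = defaultdict(list)
    for ts, ip, user in parse_failures(log_text):
        by_ip[ip].append((ts, user))

    alerts = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until the span fits in window_seconds.
            while (events[end][0] - events[start][0]).total_seconds() > window_seconds:
                start += 1
            count = end - start + 1
            if count >= threshold and count > alerts.get(ip, (0, []))[0]:
                users = sorted({u for _, u in events[start:end + 1]})
                alerts[ip] = (count, users)
    return alerts


if __name__ == "__main__":
    for ip, (count, users) in detect_brute_force(SAMPLE_LOG).items():
        print(f"ALERT {ip}: {count} failed logins in 60s, users tried: {users}")
```

A single failed login from 198.51.100.9 followed by a success is the normal typo pattern and produces nothing; the six failures in five seconds from 203.0.113.7 against two different accounts are the signature a lockout or rate-limiting rule should act on. On a real host the same logic can be fed from `journalctl -u ssh` or /var/log/auth.log.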
An intruder has deployed a rogue access point on your company’s wireless network and is using it to access traffic generated by users who have accidentally connected to it. Which of the following is the name for this type of attack?
Evil twin
War driving
Social networking
Evil twin
An evil twin is a fraudulent access point that imitates a legitimate one (same SSID, often a stronger signal) so that clients connect to it, allowing the intruder to obtain passwords and other sensitive information transmitted by users. War driving is the term for seeking out wireless networks, typically by driving around with a scanner. Social networking is not an attack type; social engineering is a form of attack in which an innocent user is persuaded by an attacker to provide sensitive information via email or telephone. Spoofing is the process of modifying network packets to make them appear as though they are transmitted by or addressed to someone else
A person identifying himself as Trixie from IT telephones a user called Alice and tells her that there is a problem with her network user account that could cause all her data to be lost. To resolve the problem, Trixie says that she must log on using Alice’s account and configure an important setting. All she needs to do this is Alice’s account password. This call is, of course, an illicit attempt to learn Alice’s password. Which of the following terms describes the type of attack that is currently occurring?
Man in the middle
Spoofing
Social engineering
Social engineering
Social engineering is the term for a type of attack in which a smooth-talking intruder contacts a user and convinces him or her to disclose sensitive information, such as account passwords. A man-in-the-middle attack is one in which an attacker intercepts network traffic, reads the traffic, and can even modify it before sending it on to the destination. Spoofing is the process of modifying network packets to make them appear as though they are transmitted by or addressed to someone else. An evil twin is a fraudulent access point on a wireless network
Which of the following can be described as wireless network hardening techniques? (Choose all correct answers.)
Encryption
Authentication
MAC filtering
Social engineering
Encryption
Authentication
MAC filtering
Encryption (WPA2 or WPA3), authentication (a pre-shared key or 802.1X/EAP), and MAC filtering are all techniques for hardening a wireless network against attack. Of the three, MAC filtering is the weakest: MAC addresses are transmitted in the clear, so an attacker can copy an authorized address from a captured frame and spoof it. Social engineering is a type of attack in which an intruder contacts a user and convinces him or her to disclose sensitive information, such as account passwords
Despite having imposed password policies on his network, compelling users to change their passwords frequently, create passwords of a specific length, and use complex passwords, Ralph has had several reports of account penetrations. The victims of the incidents had all apparently shared a “tip” suggesting that users cycle through the names of their children, nephews, nieces, and other relatives when forced to create new passwords, changing letters to numbers as needed. Which of the following actions can Ralph take to remedy the situation without creating a larger problem?
Distribute a list of common passwords that are insecure, such as those based on names, birth dates, etc.
Modify the password policies to force users to change passwords more frequently
Assign the users long passwords consisting of random-generated characters and change them often
Distribute a list of common passwords that are insecure, such as those based on names, birth dates, etc.
No complexity or rotation policy can prevent users from choosing passwords that are easy to guess; the action most likely to help is to educate users that attackers routinely guess passwords built from familiar names and dates, including the "change letters to numbers" variants. Forcing more frequent password changes would not alter the method users employ to choose passwords, nor would increasing the password history value. Assigning random passwords would address the issue technically, but the resulting complaints, forgotten passwords, and passwords written on notes would likely create greater problems than it would solve. A banned-password check at change time, as recommended in NIST SP 800-63B, can block many such choices automatically, but it complements education rather than replacing it
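The automated counterpart of the "list of insecure passwords" answer, as an added example that is not part of the original flashcard set: a Python password filter that undoes the common letter-to-digit substitutions described in the question before checking the candidate against a banned-word list. The banned words and the substitution table are constructed for the example; in practice the list would be built from the directory's family-name data and a breached-password corpus, and the minimum length is an assumption.

```python
import re
import unicodedata

# Reverse map for the substitutions users apply to satisfy complexity rules
# ("M1ch43l!"). Constructed for this example; extend to taste.
LEET_MAP = str.maketrans({
    "0": "o", "1": "i", "3": "e", "4": "a", "5": "s", "7": "t", "8": "b",
    "@": "a", "$": "s", "!": "i", "|": "l",
})

# Constructed banned-word list standing in for the names of users' relatives
# plus a few classic dictionary passwords.
BANNED_WORDS = {"michael", "sophie", "emma", "liam", "password", "welcome"}


def normalize(password):
    """Lowercase, strip accents, undo leet substitutions, and drop remaining
    non-letters, so that 'M1ch43l_2019!' normalizes to a string containing 'michael'."""
    text = unicodedata.normalize("NFKD", password).encode("ascii", "ignore").decode()
    text = text.lower().translate(LEET_MAP)
    return re.sub(r"[^a-z]", "", text)


def check_password(password, banned=BANNED_WORDS, min_len=12):
    """Return (accepted, reason). Rejects passwords shorter than min_len and any
    password whose normalized form contains a banned word of four or more letters
    (shorter words would match too much ordinary text)."""
    if len(password) < min_len:
        return False, f"shorter than {min_len} characters"
    norm = normalize(password)
    for word in sorted(banned):
        if len(word) >= 4 and word in norm:
            return False, f"based on banned word '{word}'"
    return True, "ok"


if __name__ == "__main__":
    for candidate in ("M1ch43l_2019!", "S0ph13!!", "Tr0ub4dor&3", "correct horse battery staple"):
        print(repr(candidate), "->", check_password(candidate))
```

The substring check is deliberately conservative: "dilemma" is rejected because it contains "emma". That is the usual trade-off for a filter of this kind, and it is why the banned list should be kept to names and words that actually appear in the organization's guessing risk rather than every English word.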
Which of the following devices are likely to have default credentials configured into them that attackers might know? (Choose all correct answers.)
Wireless access points
Windows servers
Switches
Routers
Wireless access points
Switches
Routers
Access points, switches, and routers all require authentication to access their administrative interfaces, and most have a standard username and password configured at the factory. Lists of vendor default credentials are published and widely known to attackers, so changing them is the first hardening step for any new device; the purchaser can modify the defaults, but many people fail to do so. Windows servers do not have default credentials assigned; the installer is prompted to specify an Administrator password during the setup process
One of the basic principles of network device hardening is to use secure protocols. Which of the following suggestions comply with this principle? (Choose all correct answers.)
Use SSH instead of Telnet.
Use WEP instead of WPA2.
Use TKIP instead of AES.
Use HTTPS instead of HTTP.
Use SSH instead of Telnet.
Use HTTPS instead of HTTP.
Secure Shell (SSH) and Telnet are both remote terminal protocols, but Telnet passes everything (including passwords) in clear text, whereas SSH encrypts the session. Hypertext Transfer Protocol Secure (HTTPS) is HTTP carried over TLS, the encrypted version of HTTP. In both of these cases, the suggested substitute is more secure. The other two suggestions go the wrong way: Temporal Key Integrity Protocol (TKIP) provides weaker encryption than Advanced Encryption Standard (AES), and Wired Equivalent Privacy (WEP) is less secure than Wi-Fi Protected Access 2 (WPA2)
Which of the following wireless security protocols provides the greatest degree of network device hardening?
WEP
WPA
WPA2
WPA2
WPA2 is the most secure of the three wireless protocols listed, providing the greatest degree of network device hardening among them. WPA was created to replace the insecure Wired Equivalent Privacy (WEP) protocol, and WPA2 was created to replace the Temporal Key Integrity Protocol (TKIP) used in the first version of WPA with CCMP, an Advanced Encryption Standard (AES) based cipher mode. WPA3, ratified in 2018, supersedes WPA2 and should be preferred where the equipment supports it. Extensible Authentication Protocol (EAP) is a framework for the encapsulation of authentication messages, not an encryption protocol
Which of the following are cryptographic algorithms used for file hashing? (Choose all correct answers.)
SHA
MD5
RC4
AES
SHA
MD5
Secure Hash Algorithm (SHA) and Message Digest 5 (MD5) are file hashing algorithms, used to test data integrity by calculating a hash value before transmitting a file over a network. After the transmission, the receiving system performs the same calculation; if the values match, the data is intact. MD5 (and SHA-1) are no longer collision resistant, so for new designs the SHA-2 family (such as SHA-256) should be used. RC4 (a stream cipher) and Advanced Encryption Standard (AES, a block cipher) are both cryptographic algorithms, but they encrypt data and are not used for file hashing
SHA and MD5 are cryptographic algorithms that are used for which of the following applications?
Data encryption
Digital signing
File hashing
File hashing
Secure Hash Algorithm (SHA) and Message Digest 5 (MD5) are file hashing algorithms, used to test data integrity by calculating a hash value before transmitting a file over a network. After the transmission, the receiving system performs the same calculation; if the values match, the data is intact. These two algorithms do not by themselves encrypt data, sign it, or authenticate wireless clients. A hash is a component of digital signature schemes (the signature is computed over the hash of the message), but the signing itself is done by a separate public-key algorithm. Note also that a plain hash only detects accidental corruption: an attacker who can replace the file can replace the published hash too, so authenticity requires a keyed construction such as an HMAC or a signature
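The integrity check described in the two hashing cards above, as an added example that is not part of the original flashcard set. It uses Python's standard hashlib and hmac modules to compute a digest over constructed file contents, shows that a one-line change in the file is detected by MD5, SHA-1 and SHA-256 alike, and then shows the limitation noted above: an unkeyed hash offers no protection when the attacker can also replace the published digest, whereas an HMAC with a key the attacker lacks does. The file contents and the key are constructed for the example.

```python
import hashlib
import hmac

# Constructed file contents standing in for a file sent over the network, and the
# same file after an attacker loosens an access rule on the way.
ORIGINAL = b"config_version=3\nadmin_allowed_from=10.0.0.0/8\n"
TAMPERED = b"config_version=3\nadmin_allowed_from=0.0.0.0/0\n"


def file_digest(data, algorithm="sha256"):
    """Hash a byte string with the named hashlib algorithm (md5, sha1, sha256, ...)
    and return the hex digest the sender publishes alongside the file."""
    h = hashlib.new(algorithm)
    for i in range(0, len(data), 8192):      # chunked, as you would for a large file
        h.update(data[i:i + 8192])
    return h.hexdigest()


def verify_integrity(received, published_digest, algorithm="sha256"):
    """Receiver recomputes the digest and compares in constant time."""
    return hmac.compare_digest(file_digest(received, algorithm), published_digest)


def keyed_digest(data, key):
    """HMAC-SHA256: an integrity tag an attacker cannot recompute without the key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_keyed(received, tag, key):
    return hmac.compare_digest(keyed_digest(received, key), tag)


def demo():
    """Run the scenarios and return the outcomes as a dict for inspection."""
    results = {}
    for alg in ("md5", "sha1", "sha256"):
        digest = file_digest(ORIGINAL, alg)
        results[alg] = {
            "digest_len": len(digest),
            "tampered_detected": not verify_integrity(TAMPERED, digest, alg),
        }

    # Unkeyed hash, attacker replaces both file and published digest: passes verification.
    results["unkeyed_forged"] = verify_integrity(TAMPERED, file_digest(TAMPERED))

    # Keyed tag: the key is assumed to have been shared over a separate trusted channel.
    key = b"shared-secret-from-out-of-band-channel"
    results["keyed_ok"] = verify_keyed(ORIGINAL, keyed_digest(ORIGINAL, key), key)
    # Attacker does not know the key and tags the tampered file with a guess: rejected.
    results["keyed_forged"] = verify_keyed(TAMPERED, keyed_digest(TAMPERED, b"wrong-key"), key)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The digest lengths (32, 40 and 64 hex characters) are a quick way to tell which algorithm produced a published checksum. The constant-time comparison matters when the verifier is a network service; a plain `==` on digests leaks how many leading bytes matched through timing.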
On which of the following types of devices should you consider disabling unused ports as a security precaution? (Choose all correct answers.)
Hubs
Servers
Switches
Wireless access points
Servers
Switches
Servers and switches are both devices on which unused ports can be a security hazard, but they use the term port differently. Servers have transport layer (TCP and UDP) ports on which services listen for specific types of traffic; disabling one means stopping or uninstalling the listening service and filtering the port at the host firewall. Switches have physical ports to which administrators connect computers and other devices; disabling one means administratively shutting down the interface so that an attacker who plugs into an unused wall jack gets no connectivity. Both kinds of open port can provide attackers with unauthorized access. Hubs are unmanaged devices with no per-port configuration, so it is not possible to disable hub ports, and the access points used on enterprise networks typically have only a single uplink port
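The server side of the unused-port card, as an added example that is not part of the original flashcard set: a Python audit that parses the output of `ss -tlnp` (the Linux listening-socket listing) and compares what is actually listening against an allowlist for the server's role. The `ss` output, the allowlist and the process names are constructed for the example; the script reports exposed listeners that are not expected, expected ports served by the wrong process, loopback-only listeners (for information), and expected ports that are missing.

```python
import re

# Constructed sample of `ss -tlnp` output for a web server (not captured from a real host).
SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*          users:(("sshd",pid=812,fd=3))
LISTEN  0       511     0.0.0.0:80           0.0.0.0:*          users:(("nginx",pid=1201,fd=6))
LISTEN  0       511     0.0.0.0:443          0.0.0.0:*          users:(("nginx",pid=1201,fd=7))
LISTEN  0       128     127.0.0.1:6379       0.0.0.0:*          users:(("redis-server",pid=1330,fd=6))
LISTEN  0       100     0.0.0.0:25           0.0.0.0:*          users:(("master",pid=1410,fd=13))
LISTEN  0       128     0.0.0.0:23           0.0.0.0:*          users:(("inetd",pid=1500,fd=5))
"""

# Allowlist for this server role (assumption): port -> process expected to own it.
EXPECTED = {22: "sshd", 80: "nginx", 443: "nginx"}

LOOPBACK = {"127.0.0.1", "[::1]"}

# One LISTEN line: state, queues, local addr:port, peer addr:port, then users:(("proc",...
LINE_RE = re.compile(
    r'^LISTEN\s+\d+\s+\d+\s+(?P<addr>\S+?):(?P<port>\d+)\s+\S+\s+users:\(\("(?P<proc>[^"]+)"'
)


def parse_listeners(text):
    """Return a list of (local_address, port, process_name) tuples."""
    listeners = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            listeners.append((m["addr"], int(m["port"]), m["proc"]))
    return listeners


def audit_ports(text, expected=EXPECTED):
    """Compare listening sockets against the allowlist and return the findings."""
    findings = {"unexpected": [], "mismatch": [], "loopback_only": [], "missing": []}
    seen = set()
    for addr, port, proc in parse_listeners(text):
        if addr in LOOPBACK:
            # Reachable only from the host itself; worth knowing about, not an exposure.
            findings["loopback_only"].append((port, proc))
            continue
        seen.add(port)
        if port not in expected:
            findings["unexpected"].append((port, proc))
        elif expected[port] != proc:
            findings["mismatch"].append((port, proc, expected[port]))
    findings["missing"] = sorted(p for p in expected if p not in seen)
    return findings


if __name__ == "__main__":
    for category, items in audit_ports(SS_OUTPUT).items():
        print(f"{category}: {items}")
```

In the sample, ports 25 (a mail listener) and 23 (Telnet via inetd) are exposed on all interfaces without being part of the web-server role; the fix is to disable those services, not merely to firewall them, since the listener itself is the attack surface. On a live host the script can be driven with `ss -tlnp | python3 audit.py` by reading stdin in place of the constant.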
For which of the following reasons is disabling the SSID broadcast of a wireless network to prevent unauthorized access a relatively weak method of device hardening?
Attackers have ways of connecting to the network without the SSID.
Attackers can capture packets transmitted over the network and read the SSID from them.
Every access point’s SSID is printed on a label on the back of the device.
Attackers can capture packets transmitted over the network and read the SSID from them.
Disabling SSID broadcasts is a way of hiding the presence of a wireless network, but if an intruder knows that a network is there, it is a simple matter to capture the frames transmitted by the wireless devices and read the SSID from them; even with beacons suppressed, the SSID still appears in clear text in clients' probe requests and association frames. It is not possible to connect to a wireless network without the SSID. SSIDs are set by the administrator of the access point; they are not printed on the device’s label. SSIDs can be found relatively easily by capture, but guessing them blind is no easier than guessing a password
Regularly applying operating system updates and patches to network computers is an important mitigation procedure for which of the following security problems?
Denial-of-service attacks
Malware
Social engineering
Malware
Operating system updates and patches are frequently released to address newly discovered vulnerabilities that leave computers open to malware infection. Applying updates on a regular basis closes those vulnerabilities and helps to mitigate the impact of malware. Updates and patches typically cannot mitigate DoS attacks, and they have no effect on nontechnical dangers such as social engineering or on dangers that apply to switches, such as unused-port security hazards
Which of the following cannot be considered to be a server hardening policy?
Disabling unnecessary services
Disabling unused TCP and UDP ports
Upgrading firmware
Upgrading firmware
Upgrading the UEFI or BIOS firmware on a server is treated as routine maintenance rather than hardening, so it is not considered a server hardening policy (although firmware updates do sometimes fix security vulnerabilities and should still be applied). Disabling services and ports that are not in use reduces the attack surface of a server, and creating separate privileged user accounts for administrative work, so that everyday accounts do not carry administrative rights, reduces the chance that privileged accounts will be compromised. These, therefore, are all forms of server hardening